package com.test.ml.filter;

import com.test.ml.utils.ShiroUtil;
import com.test.ml.yqs.enums.RequestStatusEnum;
import com.test.ml.yqs.utills.ResultJson;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * @author 马亮
 * @version V1.0
 * @Description: TODO
 */
public class MyFilter extends PermissionsAuthorizationFilter {
    @Override
    public boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object o) throws IOException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;

//        String path = request.getServletPath();
//        System.out.println("request path = " + path);
//        Subject subject = getSubject(servletRequest,servletResponse);
//        if(path.equals("/RPCAFA2A208FA648EA27C1EC30CADFC8B3D"))
//        {
//            return true;
//        }
       /* String[] perms = (String[])((String[])o);
        boolean isPermitted = true;
        if(perms != null && perms.length > 0) {
            if(perms.length == 1) {
                if(!subject.isPermitted(perms[0])) {
                    isPermitted = false;
                }
            } else if(!subject.isPermittedAll(perms)) {
                isPermitted = false;
            }
        }*/

        return super.isAccessAllowed(servletRequest,servletResponse,o);
    }
    /**
     * 会话超时或权限校验未通过的，统一返回401，由前端页面弹窗提示
     */
    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response)
            throws IOException {
        System.out.println("no permission");
        Subject subject = getSubject(request,response);
        if(subject.getPrincipal() == null)
        {
            ShiroUtil.writeResponse((HttpServletResponse) response, ResultJson.buildResult(RequestStatusEnum.NOT_LOGIN,"请先登录",null));
        }else{
            ShiroUtil.writeResponse((HttpServletResponse) response,ResultJson.buildResult(RequestStatusEnum.NOT_AUTHORIZATION,"没有权限",null));
        }
        return false;
    }
}